Just set up Cloudflare Access and it’s working very nicely but only for one access policy.
On Cloudflare I have SSL/TLS mode set to full, redirect to HTTPS enabled and HSTS on.
So, I have proxied A records for a.domain.com, a.a.domain.com, b.a.domain.com and c.a.domain.com all pointing at primary-ip.
I originally had the sub-sub domains as CNAME records pointing at a.domain.com with a wildcard but I’ve moved to explicitly defining the records, to remove any possible issues.
Now, I have Access policies for a.mydomain.com as well as the sub-sub domains.
At primary-ip I have Nginx Proxy Manager generating Let's Encrypt certs for the sub and sub-sub domains individually, enforcing SSL and redirecting the traffic to my internal devices.
To the crux of my issue. For some reason Cloudflare Access works perfectly on a.domain.com but on *.a.domain.com I don’t even get directed to the authentication page and Chrome gives me ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
I’ve pinged the *.a.domain.com sub-sub-domains and they are being proxied… So I’m stumped as to what is wrong…
DNS: app.example.com => IP Grey Cloud
*.app.example.com => IP Grey
admin.app.example.com => IP Orange Cloud
I am then trying to configure Cloudflare Access on the admin URL. I have no ability to flatten this as the “admin” URL is hosted by something I don’t control. I tried setting SSL to off but that didn’t seem to work.